Best Tips for Keeping Your Data Secure Over the Holidays: The Top Experts Speak

Here’s the reality. As you’re out Christmas shopping, hunting for the best deals and wrapping those final unwrapped gifts, a malicious security hacker is behind a computer (somewhere) looking for the quickest way to profit from your data. As most of us are busy during this time of year, our security awareness in spotting phishing emails or protecting sensitive credit card data can quickly flat line. When your attention is being turned elsewhere, this is the best time to focus in. These experts will give you tips on how to do this and keep your data secure during the holidays.

To help with useful advice, we’ve reached out to top cyber security experts in the field to share their tips. We asked them to share two important tips on staying secure over the holidays. This is the question we posed:

What are two pieces of advice for keeping your data secure over the holidays?

Meet our Panel of Cyber Security Experts:

GARETH GRIFFITHS

SCOTT HUXLEY

CHARLES LEE MUDD

CAL COOK

SADIE CORNELIUS

AYANA MILLER

DEEP VARMA

GARETH GRIFFITHS

Gareth Griffiths is CTO of BridgeHead Software that helps healthcare systems safeguard their data, mitigate the impact of ransomware attacks, and reduce the incidence of cyber breaches.

These are my two pieces of advice for keeping data secure over the holidays:

Make sure your backups are untouchable. It’s crucial that IT departments have multiple sets of backups that CANNOT be attacked by any malware. For example, in addition to data kept online, an offsite tape copy should also be maintained and kept in a fire safe. Remember, any data that is kept online it is potentially vulnerable to ransomware or other cyber attacks.

Monitor your backups. Monitor your backups to ensure they’re ALL working. Everyone agrees backups are IMPORTANT, but they’re rarely URGENT, so it’s important to prioritize urgent failures over other issues like “the printer’s down” or “wi-fi won’t connect”. Consider working with an external service partner to manage your backup process so both “urgent” and “important” issues get the attention they need.

CHARLES LEE MUDD

With over twenty years of experience with Internet law, Charles Mudd Jr. represents domestic and international clients on diverse technology matters including data security and identity theft. Mudd also serves as adjunct faculty at John Marshal Law School, on the Board of ITechLaw, and has spearheaded his firm’s expansion into space law.

These are my two pieces of advice for keeping data secure over the holidays:

Create a password just for the holidays on your accounts. Many of us will likely be creating and using various online merchant accounts and bank accounts a lot during the holidays. Given this, and the likelihood that it may be difficult and frustrating to remember all of your passwords for all of the accounts, I recommend that you use one password for the holidays that is strong and unique. As soon as your holiday shopping has been completed, you should change the password to something new (do not revert back to the pre-holiday password). As a corollary, you should use a password app to keep track of the existing and new accounts used during the holidays so you can be sure to remember each one that needs a new password.

Related to the first but from a different perspective, employers should be requiring employees to change to a new password on the office computers at the beginning of the year. But, even better, each employer should pass along the advice in (1) to their employees because many employees will (whether permitted or not) use work computers to complete online shopping. So, the employee should create a new password for the holiday season on all accounts (work passwords SHOULD NOT be the same as personal passwords) and the change them again in the New Year (or as soon as holiday shopping has concluded). As a corollary to (2), all employers should make a new years resolution to educate employees on creation of strong passwords and the employer’s password policy.

SADIE CORNELIUS

Sadie Cornelius is the Marketing Director for SafeSmartLiving.com, the website that demystifies the confusing world of smart home living, personal finances, wearable tech, security and identity theft to keep families safe, homes smart, and life fun.

These are my two pieces of advice for keeping data secure over the holidays:

Use a VPN. Surfing the web and shopping online for the holidays can create an opportunity for hackers to steal your credit data and identity. Using a (VPN) when using public WiFi will help mask your identity and keep the data on your device and shared while shopping secure.

Sign up for Identity Theft Protection. Identity Theft Protection alerts you immediately if there is any suspicious activity on your credit cards and bank accounts or if someone tries to open a new credit account in your name. This proactive step will help you respond and recoup your losses quickly if an incident occurs, allowing you to have a stress-free holiday with family and friends.

DEEP VARMA

Deep Varma is the VP of Engineering at Trulia and has more than 20 years of experience building large-scale distributed web, mobile and data platforms. Varma leads all engineering functions across the Trulia business including both the frontend and backend teams to ensure the optimal customer experience.

These are my two pieces of advice for keeping data secure over the holidays:

Many companies have data scattered in log files, heterogeneous databases, Excel files or in other forms of persistence layers, which can make quality data collection very difficult. The first step to mitigating this is to find the right data engineers. Your data engineers need to specifically know how to build data pipelines and perform schema based validations on all datasets.

Privacy and security. We need to pay attention to small datasets to make sure our security is not compromised. There might be a big issue created by a small hole that we haven’t thought about. Most of the time, companies, and data security, fail because of the smaller things.

SCOTT HUXLEY

Scott Huxley has been involved in one form or another in the technology field since the age of eleven. Past experience includes working with a high technology voice deployment provider to his current role as vCIO or Virtual Chief Information officer for a technology company.

These are my two pieces of advice for keeping data secure over the holidays:

Enable 2-party verification for your accounts or two-factor authentication as it’s called commonly referred to as (2FA). This can be done simply by logging into your account and turning it on. PayPal as an example allows you to do this simply by logging into your account and activating this service. Doing so forces a text message to your mobile device that has to be entered before your account is accessed.

Avoid public Wi-Fi. Seems simple but public Wi-Fi is often poorly updated with little to no security management. Utilize your mobile device avoiding airport Wi-Fi as you travel or public Wi-Fi at the local bookstore as you sip on your latte.

CAL COOK

These are my two pieces of advice for keeping data secure over the holidays:

Only use “HTTPS” sites. The “S” at the end stands for “secure,” meaning that there is an additional layer of encryption on these sites that prevents site owners from viewing your payment information.

Install a malware protection system on your computer like Norton Antivirus, which will catch bugs before they have a chance to steal your data.

Ayana Miller

Ayana Miller is the founder and CEO of PRIVILGD, a boutique advisory firm specializing in privacy, security, and data protection for high-profile individuals. Miller’s experience includes nearly a decade of privacy program development, operations, strategy, and management in the government, social media and tech industries.

These are my two pieces of advice for keeping data secure over the holidays:

Delete/Deactivate Old and Unused Accounts. Minimizing your digital footprint will help decrease the likelihood that you are involved in a breach. One of the best ways to minimize your digital footprint is to clean up after your digital activities. If you no longer frequent certain websites but setup an account on their website at any point, request that it be deleted. Otherwise, the data you shared with the website may persist based on that site’s privacy policy.

Limit the Data You Share to ‘Need To Know’. When you share information with companies (online and offline), don’t be afraid to question why they need the data. You’ll likely find out that they don’t actually need it.They would love to have as much personal information as you’re willing to share, but that doesn’t mean they need it in order to offer their service. Only share what you’re required to share and use alternative information sources as much as possible. For example, if you have an option to create an account using either your social security number or a customer number, use the customer number. The customer number is unique and less sensitive, so it won’t be tied as closely to your personal information across other platforms if there is a data breach.